Reports of cyber attacks to companies continue to rise. Now, it seems that no month passes without the news of new huge cybernetic attacks that cause commotions among companies. 2018 was a year with notable attacks, and as it well-known they did not stop, and continue to early 2019.
Some of these cyber attacks are:
– The systems of the city of Alaska were blocked for more than a week. Hackers stole the credit card data of 400.000 clients of British Airways through their official app.
– Something similar happened with 1.5 million registered patients of SingHealth (Singapore biggest health institution) including the Prime Minister, and many other.
– On January 30th 2019 was the turn of French aircraft fabricant, Airbus. In a brief statement, the French company informed that their information systems of commercial flights had suffered an attack that gave cyber criminals access to unauthorized data. The airline could not precise with certainty what data got compromised with attack.
There is a high probability the attack exposed personal information such as computerized ID information, or contact info of some employees from Airbus Europe. The method or type of attack was not revealed. This is not the first case that proves that even big companies are not safe from cyber crime, especially because of the number of possible attacks. It is important to find out in which scenarios it can happen, and to know what type of cyber attacks are common among companies.
– On the other hand, in early 2019, the Federal Information Security Office of Germany (BSI, by its acronym in German) said they were investigating a cyber attack against hundred of politicians, included the chancellor, Angela Merkel. This attack targeted all parties of the German Parliament, with the exception of the far-right party, Alternative for Germany (AfG).
Financial information, ID cards, and private chats were among the data hackers later posted online. Merkel fax number, email, and several letters were also published. The Government still has not name any suspect or given possible reasons for the attack.
With the number of cyber attacks each year, small to big scale organizations are looking for experts to protect their systems and networks from cyber criminals. But even with this, breaches in cyber security can still happen, and it will make easier the job of these criminals. One key element behind talent breach is that organizations look for candidates with credentials and practical knowledge.
A 2017 survey for companies pointed out the most common categories of cyber attacks. The results did not surprised industry experts, and are easily applicable to most countries. According to the information, the business world usually deals with malware (90%), phishing (89%), social engineering (47%), and DoS (28%). Understanding what is behind these terms is a step to face IT security problems inside the company.
The most Common Cyber Attacks
– Malware: The fact that malware (malicious software) is first in the cyber attack ranking should not surprise us. Unfortunately, most of us have already had some experience with malware in the past in our house or jobs.
The generic term malware includes virus, worms, Troy horses, spywares or those programs meant to harm computers and devices. Now, the best solution to be protected from malwares is still antimalware programs. Many developers also offer special solutions for businesses.
– Phishing: Is a very common cyber attack, and as popular as malware. Cyber criminals try to extract sensitive information such as passwords or payment information, especially with the use of forged emails. In addition, email spoofing, and the thread of supplanting the URL can also be present.
The latest version of phishing uses malicious web sites instead of emails. Due to the technological advances and growing cases of phishing, the attacks are difficult to identify them as such. Encrypting emails and digital signatures are the go-to tools to effectively protect oneself against this type of attack. In the corporative world, S/MIME certificates have stablished as an excellent way for protection.
– Social Engineering: Cyber criminals’ access to the computing systems of a company does not necessarily come from technology, it can also happen out of negligence and distraction of the employees. Social engineer refers to exploiting its vulnerabilities, and to elude a business’ security measures.
For cyber criminals, social engineering methods are quick and easy to implement.
Comparing piracy in a network is a difficult task since social engineering methods can go from asking for help; pretend there is an emergency, even extortion. These attacks are usually hard to prevent; nevertheless, there are some ways to tackle it: create conscience in employees about social engineering and IT security is the only way to fight this threat.
– (Distributed) Denial of Services: The use of Denial of Services (DoS) by cyber criminals is meant to compromise Internet services accessibility as well as the access to a web page. Companies fear DoS attacks because what it can cause, which includes economic loses.
A variation from it is the distributed DoS (DDoS). Different devices attack the IT infrastructure of a company until its overload. InterNetx DDoS Protection can provide the necessary protection against these attacks. DDoS Protection guarantees that the servers overload does not extend to other servers.
Malware, phishing, social engineering, and DDos are some of the most common cyber attacks companies have to deal with every day. For this reason, it is important that they adopt proper protection measures to avoid cyber criminals do as they please.
Predicting the future is too complicated, but by observing the behavior of the last few years we can be certain that cyber crime is ever growing. In 2018, there were various attacks that affected numerous companies around the world. We can find other examples on Digital Attack Map, a web page which shows were the attacks have happened in a specific day of the year.